WhatsApp is suing the Israeli hacking company NSO Group in US federal court, the head of WhatsApp, Will Cathcart, announced in the Washington Post today.
WhatsApp accuses NSO Group of exploiting a vulnerability to target approximately 1,400 phones and devices with “malware designed to infect with the purpose of conducting surveillance on specific WhatsApp users.” You can read the complaint here from WhatsApp, which is owned by Facebook.
The hack allowed NSO Group and its customers to spy on messages, emails, and phone calls, as well as the cameras and microphones of the devices in question.
NSO Group, owned by the parent company Q Cyber Technologies, is an Israeli firm that’s become a world leader in building malware that targets mobile phones and devices. It operates around the world and with a wide variety of governments.
The list of publicly known customers and victims has made NSO infamous: Ahmed Mansoor, a human rights activist in the United Arab Emirates, is serving a 10-year prison sentence after NSO malware was reportedly used to repeatedly spy on him.
Researchers at the University of Toronto’s Citizen Lab have investigated and reported on the “journalists, human rights activists and defenders, lawyers, international investigators, political opposition groups, and other members of civil society” they say have been targeted by NSO Group malware.
The company was recently sold to Novalpina Capital and has since publicly stated it would adhere to United Nations principles, but Citizen Lab says the abuses have continued.
A tech giant suing NSO Group is a virtually unprecedented step, which will test a hacking industry that has been expanding in recent years.
NSO Group did not respond to a request for comment.
Cathcart added that tech giants should join UN Special Rapporteur David Kaye’s recent call for an immediate moratorium on the sale, transfer, and use of surveillance tools like NSO Group malware.
Quantum computing has a hype problem
Quantum computing startups are all the rage, but it’s unclear if they’ll be able to produce anything of use in the near future.
These hackers showed just how easy it is to target critical infrastructure
Two Dutch researchers have won a major hacking championship by hitting the software that runs the world’s power grids, gas pipelines, and more. It was their easiest challenge yet.
Russia hacked an American satellite company one hour before the Ukraine invasion
The attack on Viasat showcases cyber’s emerging role in modern warfare.
Russia is risking the creation of a “splinternet”—and it could be irreversible
If Russia disconnects from—or is booted from— the internet’s governing bodies, the internet may never be the same again for any of us.
Get the latest updates from
MIT Technology Review
Discover special offers, top stories, upcoming events, and more.